Wings of Hermes

Introduction

Wings of Hermes is a site devoted to computer security,
particulary in the open source arena. It's primarily a collection
point for things I'm interested in - hopefully it's useful
to others as well.

News

9 June 2015

Released version 0.4 of my pldap library. It's a very simple
lightweight PAM module for authenticating users against LDAP.
Primarily for Linux.

02 May 2010

Will I find it quite hard to believe - 4 years since I last updated
this site! Time for a bit of TLC I think. I've added a
blog site that
you can jump to from the left hand menu and over the next few weeks
I might start looking at the links and rearranging things a bit.

23 April 2006

Version 0.2 of Pldap has been released. This officially moves the
code to beta status, and includes a number of
minor fixes including:

Support for Solaris, NetBSD and FreeBSD

Configure fixes to determine client LDAP libraries

Compile under Redhat FC5

Minor Bug Fixes

13 March 2006

I've just added a new section to the site for
musings on
Information Security. Over time I expect it to become a
collection of the things I've found out the hard way.

The section has been started off with some thoughts on
policy and the importance that it really holds in the big
scheme of things. Comments welcome - just email me at
berin AT wingsofhermes DOT org.

8 May 2005

I've been working on a replacement PAM LDAP module (called
pldap) to allow me to
implement some features I require when determining whether a user
is permitted to access a particular system based on group
membership in an LDAP compliant directory. This is the first alpha
release of the code. All comments and feedback/thoughts welcome.

In its first release, the module has been implemented against
OpenLDAP under Linux,
and supports a number of basic authentication features, such as :

Authenticating users to a directory using a simple bind

Using a filter to search groups for permission to access
a particular system

Format strings to allow users to configure how a userid
appears in a DN

TLS

The long term plan is to try to put together a PAM module that has
a concept of history, to reduce high overhead queries to the
directory.